cryptix.provider.rsa
public abstract class Any_RSA_PKCS1Signature extends Signature
References:
Copyright © 1997
Systemics Ltd on behalf of the
Cryptix Development Team.
All rights reserved.
$Revision: 1.9 $
Since: Cryptix 2.2.2
Constructor Summary | |
---|---|
protected | Any_RSA_PKCS1Signature(String mdAlgorithm)
Constructor for an Any_RSA_PKCS1Signature.
|
Method Summary | |
---|---|
protected Object | engineGetParameter(String param) |
protected void | engineInitSign(PrivateKey key)
SPI: Initializes this signature object for signing, using the
given private key.
|
protected void | engineInitVerify(PublicKey key)
SPI: Initializes this signature object for verification, using
the given public key.
|
protected void | engineSetParameter(String param, Object value) |
protected byte[] | engineSign()
Terminates the update process and returns the signature bytes of
all the data signed so far.
|
protected void | engineUpdate(byte b)
Updates the data to be signed or verified, using one byte.
|
protected void | engineUpdate(byte[] in, int offset, int length)
Updates the data to be signed or verified, using the specified
sub-array of bytes, starting at the specified offset.
|
protected boolean | engineVerify(byte[] signature)
Terminates the update process and verifies that the passed signature
equals that of a generated one based on the updated data so far.
|
protected abstract byte[] | getAlgorithmEncoding()
Returns the ASN.1 bytes of the AlgorithmIdentifier token described
in engineSign() method above.
|
Parameters: mdAlgorithm the standard JCA algorithm name of the message digest to be used.
Parameters: key the private key to be used to generate signatures.
Throws: InvalidKeyException If the key class does not implement java.security.interfaces.RSAPrivateKey or If the size of the minimal PKCS#1 frame generated by the engineSign() method will be larger than the public key modulus.
Parameters: key the public key this signature is assumed to have been generated with.
Throws: InvalidKeyException If the key class does not implement java.security.interfaces.RSAPrivateKey or If the size of the minimal PKCS#1 frame generated by the engineSign() method will be larger than the public key modulus.
NOTES: Sun's documentation talks about the bytes returned being X.509-encoded. For this RSA/PKCS#1 implementation, they conform to PKCS#1 section 10. Practically, the return value will be formed by concatenating a leading NULL byte, a block type BT, a padding block PS, another NULLbyte, and finally a data block D; ie:
return = 0x00 || BT || PS || 0x00 || D.For signing, PKCS#1 block type 01 encryption-block formatting scheme is employed. The block type BT is a single byte valued 0x01 and the padding block PS is enough 0xFF bytes to make the length of the complete RSA Multi Precision Integer equal to the length of the public modulus. The data block D consists of the MIC -- Message Integrity Check, or message digest value-- and the MIC algorithm ASN.1 encoded identifier. The formal syntax in ASN.1 notation is:
SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING } AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY DEFINED BY algorithm OPTIONAL }
Returns: the signature bytes of the signing operation's result.
Throws: SignatureException if the engine is not initialised properly.
Parameters: b the byte to use for the update process.
Throws: SignatureException if the engine is not initialised properly.
Parameters: in the array of bytes. offset the offset to start from in in. length the number of bytes to use, starting at offset.
Throws: SignatureException if the engine is not initialised properly.
NOTES: Sun's documentation talks about the bytes received
being X.509-encoded. For this RSA/PKCS#1 implementation, the bytes
received are assumed to conform to PKCS#1 section 10, or have
been generated by a previous invocation of the engineSign
method.
Parameters: signature the signature bytes to be verified.
Returns: true if the signature was verified successfully, false otherwise.
Throws: SignatureException if the engine is not initialised properly, the received signature data is improperly encoded or of the wrong type, etc.
engineSign()
method above.
Returns: the AlgorithmIdentifier bytes.